diff options
| -rw-r--r-- | flake.lock | 68 | ||||
| -rw-r--r-- | flake.nix | 13 | ||||
| -rw-r--r-- | hosts/atlas/default.nix | 2 | ||||
| -rw-r--r-- | hosts/p-body/default.nix | 2 | ||||
| -rw-r--r-- | hosts/profiles.nix | 22 | ||||
| -rw-r--r-- | parts/ci.nix | 86 | ||||
| -rw-r--r-- | parts/default.nix | 1 | ||||
| -rw-r--r-- | parts/lib/configs.nix | 68 | ||||
| -rw-r--r-- | users/default.nix | 21 | ||||
| -rw-r--r-- | users/users.nix | 18 |
10 files changed, 238 insertions, 63 deletions
@@ -239,6 +239,72 @@ "type": "github" } }, + "haskell-flake": { + "locked": { + "lastModified": 1684780604, + "narHash": "sha256-2uMZsewmRn7rRtAnnQNw1lj0uZBMh4m6Cs/7dV5YF08=", + "owner": "srid", + "repo": "haskell-flake", + "rev": "74210fa80a49f1b6f67223debdbf1494596ff9f2", + "type": "github" + }, + "original": { + "owner": "srid", + "ref": "0.3.0", + "repo": "haskell-flake", + "type": "github" + } + }, + "hercules-ci-agent": { + "inputs": { + "flake-parts": [ + "flake-parts" + ], + "haskell-flake": "haskell-flake", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1688568579, + "narHash": "sha256-ON0M56wtY/TIIGPkXDlJboAmuYwc73Hi8X9iJGtxOhM=", + "owner": "hercules-ci", + "repo": "hercules-ci-agent", + "rev": "367dd8cd649b57009a6502e878005a1e54ad78c5", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "hercules-ci-agent", + "type": "github" + } + }, + "hercules-ci-effects": { + "inputs": { + "flake-parts": [ + "flake-parts" + ], + "hercules-ci-agent": [ + "hercules-ci-agent" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1689397210, + "narHash": "sha256-fVxZnqxMbsDkB4GzGAs/B41K0wt/e+B/fLxmTFF/S20=", + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "rev": "0a63bfa3f00a3775ea3a6722b247880f1ffe91ce", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -485,6 +551,8 @@ "flake-utils": "flake-utils", "getchoo": "getchoo", "guzzle_api": "guzzle_api", + "hercules-ci-agent": "hercules-ci-agent", + "hercules-ci-effects": "hercules-ci-effects", "home-manager": "home-manager", "lanzaboote": "lanzaboote", "nix-index-database": "nix-index-database", @@ -62,6 +62,19 @@ inputs.pre-commit-hooks.follows = "pre-commit-hooks"; }; + hercules-ci-agent = { + url = "github:hercules-ci/hercules-ci-agent"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.flake-parts.follows = "flake-parts"; + }; + + hercules-ci-effects = { + url = "github:hercules-ci/hercules-ci-effects"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.hercules-ci-agent.follows = "hercules-ci-agent"; + inputs.flake-parts.follows = "flake-parts"; + }; + home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/hosts/atlas/default.nix b/hosts/atlas/default.nix index 27a199f..deb0490 100644 --- a/hosts/atlas/default.nix +++ b/hosts/atlas/default.nix @@ -16,8 +16,6 @@ tmp.cleanOnBoot = true; }; - server.secrets.enable = true; - networking = { domain = "mydadleft.me"; hostName = "atlas"; diff --git a/hosts/p-body/default.nix b/hosts/p-body/default.nix index 5709ba4..6d3edaf 100644 --- a/hosts/p-body/default.nix +++ b/hosts/p-body/default.nix @@ -14,7 +14,7 @@ ./victoriametrics.nix ]; - server.secrets.enable = true; + boot.supportedFilesystems = ["btrfs"]; networking = { domain = "mydadleft.me"; diff --git a/hosts/profiles.nix b/hosts/profiles.nix index eb69fc6..b2d2470 100644 --- a/hosts/profiles.nix +++ b/hosts/profiles.nix @@ -102,13 +102,21 @@ in { server = { enable = true; - services.promtail = { - enable = true; - clients = [ - { - url = "http://p-body:3030/loki/api/v1/push"; - } - ]; + secrets.enable = true; + services = { + hercules-ci = { + enable = true; + secrets.enable = true; + }; + + promtail = { + enable = true; + clients = [ + { + url = "http://p-body:3030/loki/api/v1/push"; + } + ]; + }; }; }; diff --git a/parts/ci.nix b/parts/ci.nix new file mode 100644 index 0000000..1f74d15 --- /dev/null +++ b/parts/ci.nix @@ -0,0 +1,86 @@ +{ + config, + inputs, + self, + withSystem, + ... +}: let + ciSystems = [ + "x86_64-linux" + "aarch64-linux" + ]; +in { + imports = [ + inputs.hercules-ci-effects.flakeModule + ]; + + herculesCI = {lib, ...} @ herculesCI: { + inherit ciSystems; + + onPush.default = let + inherit (builtins) elem seq; + inherit (lib) filterAttrs mapAttrs mkForce; + + findCompatible = filterAttrs (s: _: elem s ciSystems); + findCompatible' = filterAttrs (_: v: elem v.pkgs.system ciSystems); + findSystem = system: filterAttrs (s: _: s == system); + #buildCfgs = mapAttrs (_: v: v.config.system.build.toplevel); + evalCfgs = mapAttrs (_: v: seq v.config.system.build.toplevel v.pkgs.emptyFile); + in + mkForce { + outputs = { + checks = findCompatible self.checks; + devShells = findSystem "x86_64-linux" self.devShells; + homeConfigurations = findSystem "x86_64-linux" self.homeConfigurations; + nixosConfigurations = evalCfgs (findCompatible' self.nixosConfigurations); + }; + }; + + onSchedule = let + inherit (lib) mkForce mapAttrs optionalAttrs; + + mkUpdateEffect = inputs: pullRequestTitle: let + cfg = config.hercules-ci.flake-update; + in + withSystem cfg.effect.system ({hci-effects, ...}: + hci-effects.flakeUpdate { + gitRemote = herculesCI.config.repo.remoteHttpUrl; + user = "x-access-token"; + autoMergeMethod = "rebase"; + commitSummary = pullRequestTitle; + module = cfg.effect.settings; + inherit pullRequestTitle inputs; + inherit (cfg) updateBranch forgeType createPullRequest pullRequestBody; + }); + + mkUpdates = mapAttrs (n: { + inputs ? [], + dayOfMonth ? [], + msg ? "all", + }: + mkForce { + when = + { + hour = [0]; + minute = 0; + } + // optionalAttrs (dayOfMonth != []) {inherit dayOfMonth;}; + + outputs = { + effects.${n} = mkUpdateEffect inputs "flake: update ${msg} inputs"; + }; + }); + in + mkUpdates { + nixpkgs-update = { + inputs = ["nixpkgs" "nixpkgs-stable"]; + msg = "nixpkgs"; + }; + + flake-update = { + dayOfMonth = [1 8 15 22 29]; + msg = "all"; + }; + }; + }; +} diff --git a/parts/default.nix b/parts/default.nix index 3626f4a..c382e21 100644 --- a/parts/default.nix +++ b/parts/default.nix @@ -1,5 +1,6 @@ _: { imports = [ + ./ci.nix ./deploy.nix ./dev.nix ./lib diff --git a/parts/lib/configs.nix b/parts/lib/configs.nix index 9f7ac91..7b4e428 100644 --- a/parts/lib/configs.nix +++ b/parts/lib/configs.nix @@ -3,13 +3,9 @@ self, ... }: let - inherit (builtins) attrNames elemAt map; - inherit (inputs.nixpkgs.lib) flatten genAttrs optional splitString; - - archs = ["x86_64" "aarch64"]; - os' = ["linux" "darwin"]; - mkSystems = systems: flatten (map (sys: map (arch: ["${arch}-${sys}" "${arch}-${sys}"]) archs) systems); - systems = mkSystems os'; + inherit (builtins) attrNames mapAttrs; + inherit (inputs) nixpkgs home-manager; + inherit (nixpkgs.lib) genAttrs optional; mkSystemCfg = name: { profile, @@ -27,40 +23,34 @@ else modules ++ profile.modules ); }; -in { - inherit mkSystemCfg; - mapSystems = builtins.mapAttrs mkSystemCfg; - genHMCfgs = users: let - names = flatten (map (user: map (system: "${user}@${system}") systems) (attrNames users)); - in - genAttrs names (name: let - getPart = elemAt (splitString "@" name); - username = getPart 0; - system = getPart 1; - in - inputs.home-manager.lib.homeManagerConfiguration rec { - pkgs = import (users.${username}.nixpkgs or inputs.nixpkgs) ( - {inherit system;} // users.${username}.nixpkgsArgs or {} - ); + mkHMCfg = name: { + nixpkgs ? nixpkgs, + pkgs ? import nixpkgs {system = "x86_64-linux";}, + extraSpecialArgs ? inputs, + modules ? [], + }: + home-manager.lib.homeManagerConfiguration { + inherit extraSpecialArgs pkgs; - extraSpecialArgs = users.${username}.extraSpecialArgs or inputs; + modules = + [ + self.homeManagerModules.${name} + ../../users/${name}/home.nix - modules = - [ - self.homeManagerModules.${username} - { - _module.args.osConfig = {}; - programs.home-manager.enable = true; - } - ../../users/${username}/home.nix - ] - ++ optional pkgs.stdenv.isDarwin ../../users/${username}/darwin.nix - ++ users.${username}.modules or []; - }); + { + _module.args.osConfig = {}; + programs.home-manager.enable = true; + } + ] + ++ optional pkgs.stdenv.isDarwin ../../users/${name}/darwin.nix + ++ modules; + }; +in { + inherit mkHMCfg mkSystemCfg; + mapHMUsers = mapAttrs mkHMCfg; + mapSystems = mapAttrs mkSystemCfg; - genHMModules = users: let - names = attrNames users; - in - genAttrs names (name: import ../../users/${name}/module.nix); + genHMModules = users: + genAttrs (attrNames users) (name: import ../../users/${name}/module.nix); } diff --git a/users/default.nix b/users/default.nix index 77836f5..2dc930c 100644 --- a/users/default.nix +++ b/users/default.nix @@ -3,21 +3,14 @@ self, ... }: let - inherit (self.lib.configs) genHMCfgs genHMModules; - - users = { - seth = { - nixpkgsArgs = { - overlays = with inputs; [nur.overlay getchoo.overlays.default]; - }; - modules = [ - inputs.nix-index-database.hmModules.nix-index - ]; - }; - }; + inherit (self.lib.configs) mapHMUsers genHMModules; + users = import ./users.nix inputs; in { + perSystem = {system, ...}: { + homeConfigurations = mapHMUsers (users system); + }; + flake = { - homeConfigurations = genHMCfgs users; - homeManagerModules = genHMModules users; + homeManagerModules = genHMModules (users "x86_64-linux"); }; } diff --git a/users/users.nix b/users/users.nix new file mode 100644 index 0000000..af8a9ae --- /dev/null +++ b/users/users.nix @@ -0,0 +1,18 @@ +{ + getchoo, + nixpkgs, + nix-index-database, + nur, + ... +}: system: { + seth = { + pkgs = import nixpkgs { + inherit system; + overlays = [nur.overlay getchoo.overlays.default]; + }; + + modules = [ + nix-index-database.hmModules.nix-index + ]; + }; +} |